Data economy in the smart city landscape - IV

There are plenty of technologies and approaches to ensure privacy. The very fact that there are so many of them is an indication that we do not have a silver bullet. Credit: Welington Manoel da SilvaUniversidade Federal de Pernanbuco

I, as many others, claim that a Smart City should be based on Open Data, and I have argued in the previous post that by ensuring "ownership" we can create a data economy.

The drawback of Open Data is that it is very difficult to protect/ensure citizens' privacy and this in general, and more so in certain cultures, is a show stopper.

The crucial point is not as much in the fact that data are "open". At first glance one might say that if data were not open (something that would hamper the development of a thriving data economy) we would not have a privacy issue. Actually, the very fact that somebody is collecting data (as many Municipalities and Industries do to carry out their biz) creates a potential for breach of privacy. Hacking is not just a theoretical possibility. Gemalto, as shown in the figure, estimated over a billion compromised records in 2014 all over the world, and this number is steadily growing. A more comprehensive infographic from Gemalto outlines what happened in 2014, and their full report makes for an interesting reading.

The issue with Open Data with respect to privacy is related to the generation of meta-data, those data that are being created out of correlation on visible data. Here the problem is not related to potential hacking, rather to the emergence of information that are hidden in the raw data.

Take as an example the analyses of data derived from the power level of wireless communications. As shown in the figure in the previous post the measure of the power level used in transmission from the base station to the cell phone (and vv) is sufficient to determine the position of the cell phone. This information does not present privacy concern since it does not identify the cellphone (its identity is dropped and does not reach the software processing the data). However, as soon as one starts to correlate data over a period of time it becomes easy to identify whose cell phone that is. You see it moving from 8 to 9 from point A to point B, Monday to Friday and it is not rocket science to infer that such a cell phone belongs to a person going to work from his home. A bit more of digging and you get the identity of the person. At that point a software can start to follow that cell phone, derive information on its whereabouts, on its vicinity to other cellphone in repetitive and suggesting ways and so on.

Hence, as shown in this example, even if the raw data preserve privacy, the analyses of relations (spatial, timing, correlation with other data) break the privacy wall.

It would be good to say that technology can solve this issue. As a matter of fact, as shown in the second figure, there are plenty of technologies to address the privacy issue but there is none that is foolproof. Actually, the more data you have, and the longer the observation period the more possibility to break privacy protection.

Technology, at least so far, is not sufficient. You really need a global framework regulating the access and analyses of data (and of course once you have this in place you still have to consider vulnerability through hacking... as in the case of closed data).

In many cities this is a major issue and it is actually a show stopper. In others, the general consensus is that the benefit deriving from leveraging data, and creating a data economy, are worth the risk and downsize. Notice that privacy is anyhow a very fleeting concept. How many times has somebody took a photo of you and you didn't notice? That photo will likely end up on Facebook, Instagram, Flickr and commonly available software can tag the photo with your name, identifying your face and putting you at a specific time in a certain location and with a certain company...

Personally, I feel that privacy concerns need to be managed but they should not become a show stopper because even by choosing to avoid Open Data you are not guaranteeing privacy to citizen. Addressing the issue can provide a sustainable framework (e.g. the existence of a rule for a maximum speed on the road does not stop you for flooring the pedal but the probability of being caught may deter your whim for speed) and can generate social and economic benefits to the citizenship.